Certification Standards and Processes for Electronic Health Record Systems
(MEDINFO Tutorial)

 This course requires an enrolment key


Vendor- and developer-independent audits and certification standards and processes are an essential component of the adoption culture of Electronic Health Record Systems (EHR-S). Countries vary widely on whether certification programs for EHR-S are in place, and what and how certication compliance is assured and certificates issued. In this tutorial we intend to identify the reasons for, advantages, issues and methodology in EHR-S certification, compare some national certification programs, such as in the USA and in Brazil, and instruct on how to assemble such a national program and how to prepare your EHR-S for certification in different scenarios, including the use of digital certificates and signatures.

The tutorial aims to present the scope and requirements for mandatory compliance of EHR-S to structure, functionality, contents, information security and protection, patient safety, data quality, interoperability, etc. International (e.g. ISO) and national (e.g. USA HIT ONC) published and consensus-based standards which are used in certification processes.

Target Public and Pre-Requisites

Electronic Health Record Systems developers and managers. quality assurance and information security, protection and confidentiality professionals and students; innovation, development, implementation and standards and software certification compliance leaders in EHR-S providers; clinical users interested in the area of healthcare software certification and compliance, quality assurance, patient safety and confidentiality, among others.

A prior basic knowledge of EHR and EHR systems is recommended, in order to understand better the topics covered by the tutorial, as well as fundamental aspects of information standards in health, computer security and software quality. No prior knowledge of software certification processes is required.


The course covered the following topics:

  1. Introduction and aims of certification of EHR-S
  2. International and national standards for EHR-S: how they are built and published and by whom, how and where they are adopted
  3. The scope of EHR-S certification
  4. Information security, integrity, protection and authentication.
  5. Levels of certification assurance;
  6. EHR architecture, demographic and clinical data contents, data representation and coding standards;
  7. EHR functionalities for the clinical applications;
  8. EHR interoperability standards and functionalities;
    • The specification of requirements for certification
    • Types and levels of certification;
    • Testing procedures for requirements compliance
    • The issuance and use of EHR-S certificates;
  9. Comparison of certification systems in several countries;
  10. The specific case and experience in healthcare software certification in Brazil;
  11. The use of digital certificates, a PKI structure and adoption by physicians for use with EHR-S;
  12. Current results (Comparison of USA and Brazil, as examples);
  13. How to set up a national EHR-S certification program;
  14. How to prepare your software for a certification process;
  15. Training and education in Healthcare Software Certification (the EduCert Program as an example).
  16. Other specific cases for certification: mobile applications, embedded applications, clinical decision support. American FDA and the certification conundrum
  17. Conclusions and recommendations
Educational Objectives

At the end of this tutorial it is expected that the attendees will be able to:
  1. Understand the aims, history, rationale, and advantages of EHR-S certification
  2. List the main health information and system standards on which most certification programs are based
  3. Identify the diverse scopes and contents of EHR-S certification requirements, and how they are tested and assured as to compliance
  4. Discuss the main EHR-S certification processes in different countries
  5. Understand the requirements for establishing a national certification process
  6. Identify the steps and requirements for preparing a EHR-S for certification
  7. List information and educational resources in order to learn more about healthcare software certification

The Instructor

Prof. Dr. Renato M.E. Sabbatini, PhD

Prof. Renato M.E. Sabbatini is a university associate professor and researcher in biomedical and health informatics since 1972, having founded and lead several groups and centers in the area. He has an extensive experience in the area of clinical health care software standards and certification processes, and has been active as a major technical consultant in Brazil to companies and institutions wishing to acquire certification for their systems according to the joint requirements of the Brazilian Society of Health Informatics and the Federal Council of Medicine. Furthermore, he is active in the education and training in the area, as the creator and chairman of the pioneering EduCert Program for Training and Education of Consultants and Auditors in Software Certification, which has created and offered many courses on the subject. As a member and director of HL7 Brazil and IHE Brazil, he has been active in the design and implementation of new certification processes.

Website: http://renato.sabbatini.com

This course requires an enrolment key